I am writing to seek some advice on an issue which brought to me by one of my clients.
The problem which my client is facing at the moment is that their computer has been infected with bit locker or ransome virus. All their personal data are encrypted. This includes their personal photos, documents, important files which consist of their personal loan documents, and much more.
Upon receiving the computer (after the client had called me to have a look) – the husband already and probably had removed the bit-locker .exe by running a paid-spyhunter programme onto the system.
I got to the client’s house a few days later and ran a few utilities such as Malwarebytes and other tools to scan the system. I also re-ran the spyhunter (the one he had purchased) but found no viruses nor infections as he had already done it then. I have also restored the computer to the previous dates or back to the only-date stored on the system but it still does not bring back their previous files – the files are still encrypted. I even right click on the encrypted file to choose previous versions but there aren’t any previous versions available via each infected file.
This is something I’ve never come across before. However when I did some research online, there are so many informations which doesn't even show me how to decrypt back the original files. So i take - this kind of problems can not be fixed.
The clients computer is with me now, waiting to be fixed. Also the clients advised me prior to how the problem started; the son (8 years) downloaded a game online (he normally does and he had downloaded games before with no problem) and installed and found that the pc is infected after the installation (by bit-locker). The father advises that there are no backups in place. They are really desperate to get all their files back (decrypted).
All their files are infected with the ramsome and all files ends with prefixed .aimmkvi
I thought I write to you if you can look into how to fix these kinds of problems but moreover, providing solutions on how to decrypt the files back to its normal conditions.
Thanks and I look forward for a favorable response.